At some point, the cracker is going to reach diminishing returns.
Presumably some fraction of the remaining 15% will be completely random, from people using password managers or similar. These could only be cracked by brute force (assuming they are truly random), and since they're also likely longer, it's unlikely they would be cracked any time soon - they're just not worth the computational investment to the cracker.
> Any estimate on the time to crack the remaining 15%?
I know of at least one person on LinkedIn using passwords of the form 2jzAwGyOzfxNoW0u3lTIIa (i.e., 22 digits & mixed-case letters); calculating 209.7 million hashes per second he should be able to crack his first one of that sort of password in about 182,686,540 years.
Anybody using a modern password safe should be in exactly that position. I use 1Password and default to 25 chars including upper/lower/digits/specials. It's occasionally annoying when I need to transcribe one of those passwords from my phone into a system I trust but not enough to keep my password safe on (my work laptop, for example), but that's rare enough that I just suck it up and cope.
I'm assuming it's one of them given it was a gift from Sagitta. Quite a while back when I was in it. Then, they were using FPGA's to offload cracking from our Pentium 3's and 4's. High end FPGA's cost $1-2k. Systems that integrate them were often a lot more expensive but one could get coprocessor cards. So, not sure if password cracking has come down in cost or gone up vs FPGA's.
The combo of algorithms supported, flexibility, and performance is certainly better than cranking out HW implementations on FPGA's.
What does a box like the one mentioned in the article cost?
Any estimate on the time to crack the remaining 15%?